view libervia/pages/merge-requests/edit/page_meta.py @ 1283:436ef2ad92af

pages: moved CSRF checking code to a separate method: `checkCSRF` can now be used to check CSRF, and the token can be put in `X-Csrf-Token` header.
author Goffi <goffi@goffi.org>
date Fri, 19 Jun 2020 16:47:51 +0200
parents f511f8fbbf8a
children 04e7dd6b6f4d
line wrap: on
line source

#!/usr/bin/env python3


from libervia.server.constants import Const as C
from sat.core.i18n import _
from twisted.internet import defer
from sat.tools.common import template_xmlui
from sat.tools.common import data_format
from sat.core.log import getLogger

"""merge-requests edition"""

name = "merge-requests_edit"
access = C.PAGES_ACCESS_PROFILE
template = "merge-request/edit.html"
log = getLogger(__name__)


def parse_url(self, request):
    try:
        item_id = self.nextPath(request)
    except IndexError:
        log.warning(_("no ticket id specified"))
        self.pageError(request, C.HTTP_BAD_REQUEST)

    data = self.getRData(request)
    data["ticket_id"] = item_id


@defer.inlineCallbacks
def prepare_render(self, request):
    data = self.getRData(request)
    template_data = request.template_data
    service, node, ticket_id = (
        data.get("service", ""),
        data.get("node", ""),
        data["ticket_id"],
    )
    profile = self.getProfile(request)

    ignore = (
        "publisher",
        "author",
        "author_jid",
        "author_email",
        "created",
        "updated",
        "comments_uri",
        "request_data",
        "type",
    )
    tickets = yield self.host.bridgeCall(
        "mergeRequestsGet",
        service.full() if service else "",
        node,
        C.NO_LIMIT,
        [ticket_id],
        "",
        {},
        profile,
    )
    ticket = [template_xmlui.create(self.host, x, ignore=ignore) for x in tickets[0]][0]

    try:
        # small trick to get a one line text input instead of the big textarea
        ticket.widgets["labels"].type = "string"
        ticket.widgets["labels"].value = ticket.widgets["labels"].value.replace(
            "\n", ", "
        )
    except KeyError:
        pass

    # same as tickets_edit
    wid = ticket.widgets['body']
    if wid.type == "xhtmlbox":
        wid.type = "textbox"
        wid.value =  yield self.host.bridgeCall(
            "syntaxConvert", wid.value, C.SYNTAX_XHTML, "markdown",
            False, profile)

    template_data["new_ticket_xmlui"] = ticket


@defer.inlineCallbacks
def on_data_post(self, request):
    data = self.getRData(request)
    service = data["service"]
    node = data["node"]
    ticket_id = data["ticket_id"]
    posted_data = self.getAllPostedData(request)
    if not posted_data["title"] or not posted_data["body"]:
        self.pageError(request, C.HTTP_BAD_REQUEST)
    try:
        posted_data["labels"] = [l.strip() for l in posted_data["labels"][0].split(",")]
    except (KeyError, IndexError):
        pass
    profile = self.getProfile(request)

    # we convert back body to XHTML
    body = yield self.host.bridgeCall(
        "syntaxConvert", posted_data['body'][0], "markdown", C.SYNTAX_XHTML,
        False, profile)
    posted_data['body'] = ['<div xmlns="{ns}">{body}</div>'.format(ns=C.NS_XHTML,
                                                                     body=body)]

    extra = {'update': True}
    yield self.host.bridgeCall(
        "mergeRequestSet",
        service.full(),
        node,
        "",
        "auto",
        posted_data,
        "",
        ticket_id,
        data_format.serialise(extra),
        profile,
    )
    # we don't want to redirect to edit page on success, but to tickets list
    data["post_redirect_page"] = (
        self.getPageByName("merge-requests"),
        service.full(),
        node or "@",
    )